flutter_secure_storage: PlatformException (PlatformException(Exception encountered, read, javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
Hi, I have upgraded to latest secure storage plugin flutter_secure_storage: 8.0.0. Below is the complete error.
Exception has occurred.
PlatformException (PlatformException(Exception encountered, read, javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
at com.android.org.conscrypt.NativeCrypto.EVP_CipherFinal_ex(Native Method)
at com.android.org.conscrypt.OpenSSLEvpCipher.doFinalInternal(OpenSSLEvpCipher.java:152)
at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:374)
at javax.crypto.Cipher.doFinal(Cipher.java:2055)
at com.it_nomads.fluttersecurestorage.ciphers.StorageCipher18Implementation.decrypt(StorageCipher18Implementation.java:93)
at com.it_nomads.fluttersecurestorage.FlutterSecureStorage.decodeRawValue(FlutterSecureStorage.java:249)
at com.it_nomads.fluttersecurestorage.FlutterSecureStorage.read(FlutterSecureStorage.java:69)
at com.it_nomads.fluttersecurestorage.FlutterSecureStoragePlugin$MethodRunner.run(FlutterSecureStoragePlugin.java:156)
at android.os.Handler.handleCallback(Handler.java:938)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:236)
at android.os.HandlerThread.run(HandlerThread.java:67)
, null))
How I initialise and use the flutter secure storage is like below. I keep in in a global file like below. I call the file as authcheck.
import ‘package:flutter_secure_storage/flutter_secure_storage.dart’;
class AuthCheck{ static const String partnerIdKey = ‘partnerIdKey’;
static const storage = FlutterSecureStorage( aOptions: AndroidOptions( encryptedSharedPreferences: true, ), );
static Future<String?> getPartnerID() async { String? partnerIdKey = await storage.read(key: ‘partnerIdKey’); return partnerIdKey; }
static insertDetails(String partnerID) async {
await storage.write(key: partnerIdKey, value: partnerID);
} }
So which ever page I need to insert or read the value I just insert this page example like this import ‘authcheck.dart’; I have been working smoothly in most of my apps but suddenly this errors. IF you see I have also put this option encryptedSharedPreferences: true. What else I could be missing from end ?
About this issue
- Original URL
- State: open
- Created a year ago
- Reactions: 14
- Comments: 34 (1 by maintainers)
Still experiencing this issue and doing this does not resolve…
resolved flutter_secure_storage: ^9.0.0 const secureStorage = FlutterSecureStorage( aOptions: AndroidOptions( encryptedSharedPreferences: true, ));
Instead of doing
Shouldn’t it be:
For Android up to 11:
For Android 12 and up:
As I see that:
This problem seems to occur only on SM-G991B (S21) and SM-G996B (S21+).
I have a similar issue
I tried this, but the users encounter this exception EVERY time the app is terminated and reopened, not just with a reinstall or a update. As @frankmer stated it only occurs on the S21 and S21+, and seems to occur since the latest android software update for those devices that was released this october.
I have exactly the same issue described above, in the same conditions mentionned by @devswingapplicationcom.
To temporarily solve the problem, I clear the secure storage the first time the user installs a new version. This cannot be done by everyone, but it can help on some cases. I use both Shared Preferences and Flutter Secure Storage.
I call the following code at startup:
This will be called only once per new version.
I have a similar issue
android:fullBackupContent=“false” indeed fixed all our problems, thanks! 😄
The current problem has nothing to do with the old problem from a few years ago. If reinstalling really fixes it, then my guess is that the link between the key and the application itself is broken, and reinstalling the application will reestablish that link. Although reinstalling may cause the other problem if backup is enabled.
I did it via Android Studio. Device Manager > Run Device > Folder Button under Actions. Then use “Save As…” and “Upload…”
Files found in data/data/{appid}/shared_prefs
The real question is whether the error has occurred since or because of the software update. Even if deleting the old data is not a good option. It would be nice to know if this is actually an option or if the error still occurs.
Had the same issue previously. I am fairly certain that at least some Samsung devices sometimes ignore the following Android flags:
What this means is that some Samsung phones store (locally / or on some google/samsung server) app data when the app is deleted ; and it restores it when the app is re-installed.
However, the padding encryption key DOES NOT leave the device and is deleted when the app is initially deleted.
When the user re-installs the app, a new encryption key is generated/returned. The app will attempt to decrypt the old restored data with the new encryption key, leading to the
BadPaddingException.My recommendation (and what I am doing) is to clear all encrypted data when encountering this exception and start fresh. If you encounter this, the existing encrypted data is almost certainly permanently lost anyways, since the decryption key does not exist anymore.
We are seeing the same issue BUT only when building release appbundle and upload to playstore
Not working:
Working:
?
What worked for me was this:
AndroidManifest.xml
And as @PieterAelse pointed out:
I’m on
flutter_secure_storage: ^9.0.0and Flutter 3.16.4 if that makes a difference.I never tested it on a real device, but I was able to simulate this error by adding an old FlutterSecureStorage.xml to shared_prefs after deleting the appdata. Our customer report only came from these devices, and there were a lot of them. SM-G998B (S21 Ultra) is now also on the list.
Hey @frankmer, how can i test it? I tried a lot of times but never get success, can’t found any log or reference using browser Stack. But a lot of user have been sending a bad review about this issue.